Security Engineer

Founded in 1910, KONE is a global leader that provides elevators, escalators and automatic building doors, as well as solutions for maintenance and modernization that add value to buildings throughout their life cycle. Our mission is to improve the flow of urban life and make our world’s cities better places to live by providing innovative solutions that help make people’s journeys safe, convenient and reliable. Our operations in over 60 countries around the world has helped us achieve our position as an innovation and sustainability leader with repeated recognitions by Forbes, Corporate Knights for clean capitalism and others.    

KONE’s vision is to create the Best People Flow experience by providing ease, effectiveness and experience to our customers and users. In line with our strategy, Sustainable Success with Customers, we will focus on increasing the value we create for customers with new intelligent solutions and embed sustainability even deeper across all of our operations. By closer collaboration with customers and partners, KONE will increase the speed of bringing new services and solutions to the market.    

KONE Technology and Innovation Unit (KTI) is where we combine the physical world – escalators and elevators – with smart and connected digital systems. We are changing and improving the way billions of people move within buildings every day. We are on a mission to expand and develop new digital solutions that are based on emerging technologies.   

IT professionals - KONE Corporation  

KONE Cybersecurity is an organization of security experts responsible for developing and managing cutting-edge solutions and processes to keep KONE secure globally. 
 
We are looking for 
 
Security Engineer, with a focus on SecDevOps  
 
to join our team of cybersecurity professionals. Our mission in KONE Cybersecurity is to keep KONE business cyber resilient. With cybersecurity tooling, including SecDevOps we help KONE people as well as our customers and partners to perform at their best, and at the same time keep KONE secure. The platforms that are in scope of SecDevOps are: 

• SAST and SCA based on BlackDuck products 

• DAST 

• Cloud security posture management 

• Continuous Threat Exposure Management 

• EASM based on Detectify and BitSight 

• Integrations between all above, as well as to various CI/CD tools (Github, GitLab, Jenkins), and to various cloud platforms (Azure, AWS, AliCloud) 

When the experience increases, the person in this position is expected to participate in other initiatives in Enterprise, Product or OT security, depending on the initiatives on-going at that point, and on the person’s background and interests. 

The position is based in Espoo Finland and will report to Head of Access and Tools in Cybersecurity. 
 
Main Responsibilities 

• Collaborate with application owners as well as with application and product security teams to capture their SecDevOps needs  

• Understand, analyze, and manage prioritization of the SecDevOps business requirements especially from technical feasibility point of view 

• Contribute in a key role to the on-going and upcoming projects in his/her responsibility area 

• Guide the scrum and support teams in their work, where needed 

• Implement or participate to implementing tough architectural or solution needs 

• Accountable for maintaining solution documentation 

• Co-operate with IT and business teams to ensure smooth development and transition to service 

  We Expect You To Have 

• Bachelor or Master’s degree in IT or Cybersecurity related area or respective knowledge 

• Excellent understanding and experience in SecDevOps solutions in a large organization 

• Good understanding of some SecDevOps solutions and their integrations. Experience on KONE specific SecDevOps tools is seen as an advantage 

• Experience in working with business stakeholders and IT partners, preferably in a global context and complex organization 

• Ability to design and facilitate effective building and deployment of high-quality functional requirements 

• Ability to guide teams 

• 3-10 years of experience in working in an international environment with ability to perform in virtual and matrix organizations 

• Strong analytical skills, conceptual thinking and problem-solving skills 

• Service focused approach and attitude 

• Real team player with flexibility under tight deadlines 

• Excellent written and oral communication skills 

• Proven track record for an excellent performance and quick learning 

• Technical skills 

• Development: Python, and Bash 

• Cloud: AWS, Azure 

• IAC: Terraform, Ansible 

• CI/CD: GitHub. Understanding of GitLab and Jenkins is beneficial. 

• Understanding and experience on cybersecurity also wider is a big benefit, examples: 

• End-point security e.g. with Microsoft Defender 

• Network security 

• SIEM, e.g. Splunk and Sentinel 

• Network vulnerability scanning, e.g. Qualys 

• Core regulations related to the area, especially CRA 

• Pentesting 

We offer you 

• A position in cybersecurity team which is responsible for all cybersecurity areas of a global organization – enterprise, product and OT 

• An environment where all our own cybersecurity development is done with modern DevOps tools on top of modern serverless hosting 

• An environment where a lot of our application counterparties operate in similarly modern DevOps environments and then connect to our SecDevOps pipelines to ensure their security 

• Possibility to extend your skills to all the Cybersecurity areas, based on your interest 

Want to join the #PeopleFlow?    

If you think this could be your next inspiring challenge, please submit your application including a cover letter and CV as soon as possible via our Careers site  Shape the future of cities. Join our flow. | KONE Careers  latest on  2nd J uly 2026,  however the position will be filled as soon as the suitable candidate is found so be quick! 

We look forward to hearing from you!  

#LI-IT   

#LI-Hybridd